spring-security-oauth2 not working with Java 10

Question

My current environment is using Spring Boot 2 and Tomcat 9 and Java 10.

I'm not able to use the Spring OAuth2 package without adding the following dependencies - which I found thru RuntimeExceptions - So I'm not 100% certain this resolves all issues. I realize that Java 9 has removed these packages from SE but has anyone determined a better dependency tree for Spring oAuth2 as it doesn't seem to run with Java 9 or higher?

Spring Security oAuth2...

org.springframework.security.oauth:spring-security-oauth2:2.3.3.RELEASE

Depends on these packages based on trial & error...

javax.xml.bind:jaxb-api:2.3.0
com.sun.xml.bind:jaxb-impl:2.3.0
com.sun.xml.bind:jaxb-core:2.3.0
javax.activation:activation:1.1.1  

This is related to the following... it's clear Spring Boot needs a updated oauth2 implementation.

 JEP 320 is targeted for Java 11 (September 2018) and will remove the following modules deprecated "for removal" by Java 9:

 java.corba — CORBA
 java.transaction — The subset of the Java Transaction API defined by Java SE to support CORBA Object Transaction Services
 java.activation — JavaBeans Activation Framework
 java.xml.bind — Java Architecture for XML Binding (JAXB)
 java.xml.ws — Java API for XML Web Services (JAX-WS), Web Services Metadata for the Java Platform, and SOAP with Attachments for Java (SAAJ)
 java.xml.ws.annotation — The subset of the JSR-250 Common Annotations defined by Java SE to support web services

Answer 1

Yeap, this is true. Beginner in Springboot such as myself, it is not clear to me why these dependencies exist and what exactly is their purpose.

However, by adding these dependencies to my Gradle configuration in Spring Boot, and using Java 10, I managed to get it to work.